Re: [Samba] Failover
By the way! All your DCs should be able to run the 10.48.16.155!?? And all your shares are mapped like this : \\10.48.16.155\share!? How do you manage the second Controller to take over when the Master DC is down. It is important to have the DC slave dns working. With the internal DNS or dlz_bind I did not succeed to manage this. Only flat files could do the job for me. So the best thing to do Is to map like \\your.domain\share. No failover Ip is needed. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Robert Gurdon Gesendet: Montag, 7. Oktober 2013 16:15 An: samba@lists.samba.org Betreff: [Samba] Failover Hi guys, I have a domain with Samba 4.0.5 domain controllers and also a failover DRBD shared disk, where the active DC controlls the access to the disk. DOMAINC01 - 10.48.16.150 DOMAINC02 - 10.48.16.151 DOMAINCHA - 10.48.16.155 this would be the failover IP, which works perfectly on Windows XP clients. I can see the shares, just like on DOMAINC01 or DOMAINC02 and if the users has the proper credentials they can write open etc. But when I try to do the same on a Windows 7 client I simply get an error message You dont have the proper rights to open the directory I guess because of the DOMAINCHA virtual controller is not in the AC, but shall I add a computer to the AC so my win7 clients could open the available shares? Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Failover
Hi, Actually my main problem atm, I can't open the shares from windows 7 clients (object couldn't found), \\domain\share and also \10.48.16.155\share is working perfectly from windows XP clients. Both DC are running his own DNS server (i am using bind9) and also their own sysvol and stuffz. Only the data part controlled by drbd+heartbeat. Refards, Robert 2013/10/14 Daniel Müller muel...@tropenklinik.de By the way! All your DCs should be able to run the 10.48.16.155!?? And all your shares are mapped like this : \\10.48.16.155\share!? How do you manage the second Controller to take over when the Master DC is down. It is important to have the DC slave dns working. With the internal DNS or dlz_bind I did not succeed to manage this. Only flat files could do the job for me. So the best thing to do Is to map like \\your.domain\share. No failover Ip is needed. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Robert Gurdon Gesendet: Montag, 7. Oktober 2013 16:15 An: samba@lists.samba.org Betreff: [Samba] Failover Hi guys, I have a domain with Samba 4.0.5 domain controllers and also a failover DRBD shared disk, where the active DC controlls the access to the disk. DOMAINC01 - 10.48.16.150 DOMAINC02 - 10.48.16.151 DOMAINCHA - 10.48.16.155 this would be the failover IP, which works perfectly on Windows XP clients. I can see the shares, just like on DOMAINC01 or DOMAINC02 and if the users has the proper credentials they can write open etc. But when I try to do the same on a Windows 7 client I simply get an error message You dont have the proper rights to open the directory I guess because of the DOMAINCHA virtual controller is not in the AC, but shall I add a computer to the AC so my win7 clients could open the available shares? Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Failover
Hi guys, I have a domain with Samba 4.0.5 domain controllers and also a failover DRBD shared disk, where the active DC controlls the access to the disk. DOMAINC01 - 10.48.16.150 DOMAINC02 - 10.48.16.151 DOMAINCHA - 10.48.16.155 this would be the failover IP, which works perfectly on Windows XP clients. I can see the shares, just like on DOMAINC01 or DOMAINC02 and if the users has the proper credentials they can write open etc. But when I try to do the same on a Windows 7 client I simply get an error message You dont have the proper rights to open the directory I guess because of the DOMAINCHA virtual controller is not in the AC, but shall I add a computer to the AC so my win7 clients could open the available shares? Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Failover
Hi guys, I have a domain with Samba 4.0.5 domain controllers and also a failover DRBD shared disk, where the active DC controlls the access to the disk. DOMAINC01 - 10.48.16.150 DOMAINC02 - 10.48.16.151 DOMAINCHA - 10.48.16.155 this would be the failover IP, which works perfectly on Windows XP clients. I can see the shares, just like on DOMAINC01 or DOMAINC02 and if the users has the proper credentials they can write open etc. But when I try to do the same on a Windows 7 client I simply get an error message You dont have the proper rights to open the directory I guess because of the DOMAINCHA virtual controller is not in the AC, but shall I add a computer to the AC so my win7 clients could open the available shares? Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Failover
On Mon, 2013-10-07 at 15:36 +0200, Sandbox wrote: Hi guys, I have a domain with Samba 4.0.5 domain controllers and also a failover DRBD shared disk, where the active DC controlls the access to the disk. DOMAINC01 - 10.48.16.150 DOMAINC02 - 10.48.16.151 DOMAINCHA - 10.48.16.155 this would be the failover IP, which works perfectly on Windows XP clients. I can see the shares, just like on DOMAINC01 or DOMAINC02 and if the users has the proper credentials they can write open etc. But when I try to do the same on a Windows 7 client I simply get an error message You dont have the proper rights to open the directory I guess because of the DOMAINCHA virtual controller is not in the AC, but shall I add a computer to the AC so my win7 clients could open the available shares? Please don't use DRDB with Samba as an AD DC. You don't need it (you should have two DRS replicating DCs). The reason I am so strongly against this is that I had to work very hard to recover a corrupt database at such a site. We suspect that barriers were either not enabled or not passed down to the OS in this case, followed by a unexpected loss of power. The corrupt database was then perfectly mirrored to the DRDB clone, resulting in two corrupt mirrors. DRS replication likely would have detected the corruption (because the database would not have been valid) and failed the replica, saving the data. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Failover
2013-10-07 21:11 keltezéssel, Andrew Bartlett írta: On Mon, 2013-10-07 at 15:36 +0200, Sandbox wrote: Hi guys, I have a domain with Samba 4.0.5 domain controllers and also a failover DRBD shared disk, where the active DC controlls the access to the disk. DOMAINC01 - 10.48.16.150 DOMAINC02 - 10.48.16.151 DOMAINCHA - 10.48.16.155 this would be the failover IP, which works perfectly on Windows XP clients. I can see the shares, just like on DOMAINC01 or DOMAINC02 and if the users has the proper credentials they can write open etc. But when I try to do the same on a Windows 7 client I simply get an error message You dont have the proper rights to open the directory I guess because of the DOMAINCHA virtual controller is not in the AC, but shall I add a computer to the AC so my win7 clients could open the available shares? Please don't use DRDB with Samba as an AD DC. You don't need it (you should have two DRS replicating DCs). The reason I am so strongly against this is that I had to work very hard to recover a corrupt database at such a site. We suspect that barriers were either not enabled or not passed down to the OS in this case, followed by a unexpected loss of power. The corrupt database was then perfectly mirrored to the DRDB clone, resulting in two corrupt mirrors. DRS replication likely would have detected the corruption (because the database would not have been valid) and failed the replica, saving the data. Andrew Bartlett Hi, You misunderstood me, I don't use DRBD as database storage (only for users documents and stuffs) my servers database are sitting on their private place :) -- Kind regards: Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] failover shares
Hi, I have a failover configuration. The domain controller's IP: 10.23.14.150 as dc01 The failover IP is: 10.23.14.155 as dcha I added an A and a CNAME record to the dns for the failover IP. It is working, i can see the shares, but I could not enter to any share as user, as Administrator it works. I tried to add the interface variable (i am not sure this is available in samba4), that wasn't helped. Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Linux-HA] Samba failover causes different UID's
On 2/28/2011 at 09:21 PM, Caspar Smit c.s...@truebit.nl wrote: Hi, I have two machines in a cluster and want to create a high available samba share that connects to active directory for user information. The storage is DRBD and the filesystem is XFS. I'm using pacemaker as cluster software and using the lsb:samba init script. I connected both machines to my Windows AD server and tested this using winbind. winbind -u gives me all AD users which seems fine. This works on both machines so everything looks ok. When I connect from a windows client to the samba share I don't need to enter credentials so that looks fine too. When I start to put some files on the share the correct credentials are used when I check with ls -al on the mountpoint in linux. So far so good. BUT when I do a failover to the other node the share is up but suddenly I cannot connect from the windows client anymore without entering credentials and when I check with ls -al on the mountpoint on the other machine it maps the existing files (which I put there when the share was running on the other node) suddenly with whole different UID's. Where is the mapping of UID's taking place and how can I fix this? Both systems lookup their user information from the same AD server, how can they still lookup different UID's when looking at the same server and files? Because by default Samba hands out UIDs on a first come first served basis. You need to configure a different UID mapping scheme. Have a look at idmap config and idmap backend in the smb.conf manpage. RID might be the easiest thing to set up (where Samba generates UIDs based on Windows SIDs). Configuring UNIX UIDs in some LDAP backend, or directly in AD via (RFC2307 or Services For UNIX or whatever it's called these days) might be better (you get to decide what the UIDs actually are, and this'll apparently work with multiple AD domains/trusted domains). HTH, Tim -- Tim Serong tser...@novell.com Senior Clustering Engineer, OPS Engineering, Novell Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Linux-HA] Samba failover causes different UID's
On 2/28/2011 at 10:39 PM, Tim Serong tser...@novell.com wrote: On 2/28/2011 at 09:21 PM, Caspar Smit c.s...@truebit.nl wrote: Hi, I have two machines in a cluster and want to create a high available samba share that connects to active directory for user information. The storage is DRBD and the filesystem is XFS. I'm using pacemaker as cluster software and using the lsb:samba init script. I connected both machines to my Windows AD server and tested this using winbind. winbind -u gives me all AD users which seems fine. This works on both machines so everything looks ok. When I connect from a windows client to the samba share I don't need to enter credentials so that looks fine too. When I start to put some files on the share the correct credentials are used when I check with ls -al on the mountpoint in linux. So far so good. BUT when I do a failover to the other node the share is up but suddenly I cannot connect from the windows client anymore without entering credentials and when I check with ls -al on the mountpoint on the other machine it maps the existing files (which I put there when the share was running on the other node) suddenly with whole different UID's. Where is the mapping of UID's taking place and how can I fix this? Both systems lookup their user information from the same AD server, how can they still lookup different UID's when looking at the same server and files? Because by default Samba hands out UIDs on a first come first served basis. You need to configure a different UID mapping scheme. Have a look at idmap config and idmap backend in the smb.conf manpage. RID might be the easiest thing to set up (where Samba generates UIDs based on Windows SIDs). Configuring UNIX UIDs in some LDAP backend, or directly in AD via (RFC2307 or Services For UNIX or whatever it's called these days) might be better (you get to decide what the UIDs actually are, and this'll apparently work with multiple AD domains/trusted domains). Oh, you probably also want to look at: http://linux-ha.org/wiki/Samba In particular the note about setting lock directory and private dir to some directory on your shared filesystem. Guess I'd better add the UID mapping stuff to that wiki page too... Regards, Tim -- Tim Serong tser...@novell.com Senior Clustering Engineer, OPS Engineering, Novell Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba failover causes different UID's
Hi, I have two machines in a cluster and want to create a high available samba share that connects to active directory for user information. The storage is DRBD and the filesystem is XFS. I'm using pacemaker as cluster software and using the lsb:samba init script. I connected both machines to my Windows AD server and tested this using winbind. winbind -u gives me all AD users which seems fine. This works on both machines so everything looks ok. When I connect from a windows client to the samba share I don't need to enter credentials so that looks fine too. When I start to put some files on the share the correct credentials are used when I check with ls -al on the mountpoint in linux. So far so good. BUT when I do a failover to the other node the share is up but suddenly I cannot connect from the windows client anymore without entering credentials and when I check with ls -al on the mountpoint on the other machine it maps the existing files (which I put there when the share was running on the other node) suddenly with whole different UID's. Where is the mapping of UID's taking place and how can I fix this? Both systems lookup their user information from the same AD server, how can they still lookup different UID's when looking at the same server and files? Kind regards, Caspar Smit -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Linux-HA] Samba failover causes different UID's
Tim, Thank you very much for this, I will check out the manpage and wiki page. Kind regards, Caspar Smit 2011/2/28 Tim Serong tser...@novell.com On 2/28/2011 at 09:21 PM, Caspar Smit c.s...@truebit.nl wrote: Hi, I have two machines in a cluster and want to create a high available samba share that connects to active directory for user information. The storage is DRBD and the filesystem is XFS. I'm using pacemaker as cluster software and using the lsb:samba init script. I connected both machines to my Windows AD server and tested this using winbind. winbind -u gives me all AD users which seems fine. This works on both machines so everything looks ok. When I connect from a windows client to the samba share I don't need to enter credentials so that looks fine too. When I start to put some files on the share the correct credentials are used when I check with ls -al on the mountpoint in linux. So far so good. BUT when I do a failover to the other node the share is up but suddenly I cannot connect from the windows client anymore without entering credentials and when I check with ls -al on the mountpoint on the other machine it maps the existing files (which I put there when the share was running on the other node) suddenly with whole different UID's. Where is the mapping of UID's taking place and how can I fix this? Both systems lookup their user information from the same AD server, how can they still lookup different UID's when looking at the same server and files? Because by default Samba hands out UIDs on a first come first served basis. You need to configure a different UID mapping scheme. Have a look at idmap config and idmap backend in the smb.conf manpage. RID might be the easiest thing to set up (where Samba generates UIDs based on Windows SIDs). Configuring UNIX UIDs in some LDAP backend, or directly in AD via (RFC2307 or Services For UNIX or whatever it's called these days) might be better (you get to decide what the UIDs actually are, and this'll apparently work with multiple AD domains/trusted domains). HTH, Tim -- Tim Serong tser...@novell.com Senior Clustering Engineer, OPS Engineering, Novell Inc. ___ Linux-HA mailing list linux...@lists.linux-ha.org http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: RE [Samba] Failover LDAP?
Sorry you are right; Figure 6.2. Samba Configuration to Use a Single LDAP Server The addition of a failover LDAP server can simply be done by adding a second entry for the failover server to the single ldapsam entry, as shown here (note the particular use of the double quotes): passdb backend = ldapsam:ldap://master.abmas.biz \ ldap://slave.abmas.biz; Thats my fault for not using the correct example. Adrian Sender. From: Andrew Bartlett [EMAIL PROTECTED] To: adrian sender [EMAIL PROTECTED] CC: samba@lists.samba.org Subject: Re: RE [Samba] Failover LDAP? Date: Mon, 29 May 2006 13:36:25 +1000 On Sun, 2006-05-28 at 19:05 +1000, adrian sender wrote: Samba 3 By Example Chapter 6. Figure 6.3. Samba Configuration to Use a Dual (Fail-over) LDAP Server passdb backend = ldapsam:ldap://master.abmas.biz \ ldapsam:ldap://slave.abmas.biz This is the incorrect way to handle this problem. The correct syntax is given as an example in the smb.conf manpage: passdb backend = ldapsam:ldap://ldap-1.example.com \ ldap://ldap-2.example.com; Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] Failover LDAP?
Thanks Andrew and the others who gave suggestions on this. I guess the only left now is to actually test it to see if it works. - delamatrix Andrew Bartlett wrote: On Sun, 2006-05-28 at 19:05 +1000, adrian sender wrote: Samba 3 By Example Chapter 6. Figure 6.3. Samba Configuration to Use a Dual (Fail-over) LDAP Server passdb backend = ldapsam:ldap://master.abmas.biz \ ldapsam:ldap://slave.abmas.biz This is the incorrect way to handle this problem. The correct syntax is given as an example in the smb.conf manpage: passdb backend = ldapsam:ldap://ldap-1.example.com \ ldap://ldap-2.example.com; Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Failover LDAP?
Samba 3 By Example Chapter 6. Figure 6.3. Samba Configuration to Use a Dual (Fail-over) LDAP Server passdb backend = ldapsam:ldap://master.abmas.biz \ ldapsam:ldap://slave.abmas.biz Cheers, Adrian Sender. From: Golden Butler [EMAIL PROTECTED] To: Samba Mailing List samba@lists.samba.org Subject: [Samba] Failover LDAP? Sent: Friday, 26 May 2006 1:41:19 PM Okay, I've searched around on this, but can't find any examples or docs. Is there a way to specify a second ldap server in the smb.conf, in case the primary ldap server fails or become unreachable? - Delamatrix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] Failover LDAP?
On Sun, 2006-05-28 at 19:05 +1000, adrian sender wrote: Samba 3 By Example Chapter 6. Figure 6.3. Samba Configuration to Use a Dual (Fail-over) LDAP Server passdb backend = ldapsam:ldap://master.abmas.biz \ ldapsam:ldap://slave.abmas.biz This is the incorrect way to handle this problem. The correct syntax is given as an example in the smb.conf manpage: passdb backend = ldapsam:ldap://ldap-1.example.com \ ldap://ldap-2.example.com; Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Failover LDAP?
You should be able to specify them as a list ldap server = ldap1 ldap2 ldap3 Though that was for 2.2, looking at my 3.0 confs I've got passdb backend = ldapsam:ldap://ldapX which is local to the PDC/BDC you probably want passdb backend = ldapsam:ldap://ldap1 ldap://ldap2; I think the quotes are important. Duncan Golden Butler wrote: Okay, I've searched around on this, but can't find any examples or docs. Is there a way to specify a second ldap server in the smb.conf, in case the primary ldap server fails or become unreachable? - Delamatrix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Failover LDAP?
http://us5.samba.org/samba/docs/man/Samba-Guide/2000users.html#ch7dualok Golden Butler wrote: Okay, I've searched around on this, but can't find any examples or docs. Is there a way to specify a second ldap server in the smb.conf, in case the primary ldap server fails or become unreachable? - Delamatrix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Failover LDAP?
Okay, I've searched around on this, but can't find any examples or docs. Is there a way to specify a second ldap server in the smb.conf, in case the primary ldap server fails or become unreachable? - Delamatrix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Failover Domain Setup Question
Hey guys! Here is my setup: We have 2 buildings across several subnets. The buildings are connected by wireless radio connection. The PDC is located at one building. Occasionally we have had connection problems with our wireless link. In the event that this goes down, we are placing servers in the second building so people can continue to work. If it goes down 100%, then users wont be able to log into their machines because the conenction to the PDC has been lost. OS' are 98, 2k, XP. Would setting up a BDC in that location make it possible for clients to authenticate with the BDC in case the PDC is unreachable? Thanks, Adam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] failover/redundancy with dfs, ldap, and samba
Hello, I have some general failover/redundancy questions: 1) Is it possible to have samba use multiple ldap servers without an external load balancing solution like a Cisco CSS? 2) I want to have samba be my dfs root. How can I have redundant/failover dfs root servers again without some sort of load balancing device like a CSS if that would even work in this situationI think it would, it would work in a failover but certainly not in a load balancing scenario...hrm...the more I think about it leads me to think that it could be possible of the load balancing switch handles sessions correctly but I imagine that could get quite messy. Thoughts please! = Terry __ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Failover
If I understand you correctly, you are going to deploy Samba as a BDC to a Windows PDC. This won't work. See section 6.4.2 of the Samba HOWTO Collection. What you would need to do is set up a Samba PDC with LDAP and then set up the second box as a Samba BDC with a slave LDAP database. -Chris On Thu, 2003-09-04 at 11:31, Alan Hicks wrote: This problem has just been dumped into my lap over the last two or three days. I'm hopelessly in over my head here, and I'm hoping I can get some direction here. I've been searching google for some time, and not come up with my answers. Warning, much of what you are about to hear is ludicrously stupid on a technical level. I work for a small computer consulting firm. One of our clients is running a Windows 2000 file and print server with ADS. We intend to format this machine and reload Windows 2000, but without ADS. This server houses files for a proprietary program that is unsupported if the file server used is Samba. This client has about 20 computers at their offices, no more than a dozen of which ever use the server at the same time. The one machine is far more than enough to handle the load, but they decided they need failover (even though they've never had this server crash). They have purchased two Dell servers with SCSI hard drives and Intel Xeon 2,4 Ghz processors (yes, to do file and print sharing for 20 users; I told you it was ludicrous). My PHB has signed a contract with them to install Linux OSs on these boxes, and run Samba on them. Since their proprietary application isn't supported for Samba, they aren't going to move it over to either of these machines. These machines are only to do authentication in the unlikely event that the PDC (the Windows 2000 machines) should fail. I've done a lot of google searching and haven't come up with many leads. Is there a HOW-TO fr setting up Samba in a failover environment, specifically in making it play nice with a Windows PDC? The goal here is to have zero downtime, but I don't think the client understands that if those files for his application aren't present on the Samba servers, authenticating with them won't help him at all. -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba Failover
Alan, I haven't run samba with ads but as far as failover i have a redhat 8 server with samba 2.27 running as a PDC on it dell hardware raid, scsi etc and a another dell box low end server (redhat 8 samba 2.27) with ide drives and 2 80 gig drives, I do a rsync 2 times a day, I have two domains if one box the first box fails all i have to do is change the domain name and host name i will be able to authenticate all the users without a problem. It is the closest thing to keeping a hot standby Hope this helps a bit. Raj -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan Hicks Sent: Thursday, September 04, 2003 9:31 AM To: [EMAIL PROTECTED] Subject: [Samba] Samba Failover This problem has just been dumped into my lap over the last two or three days. I'm hopelessly in over my head here, and I'm hoping I can get some direction here. I've been searching google for some time, and not come up with my answers. Warning, much of what you are about to hear is ludicrously stupid on a technical level. I work for a small computer consulting firm. One of our clients is running a Windows 2000 file and print server with ADS. We intend to format this machine and reload Windows 2000, but without ADS. This server houses files for a proprietary program that is unsupported if the file server used is Samba. This client has about 20 computers at their offices, no more than a dozen of which ever use the server at the same time. The one machine is far more than enough to handle the load, but they decided they need failover (even though they've never had this server crash). They have purchased two Dell servers with SCSI hard drives and Intel Xeon 2,4 Ghz processors (yes, to do file and print sharing for 20 users; I told you it was ludicrous). My PHB has signed a contract with them to install Linux OSs on these boxes, and run Samba on them. Since their proprietary application isn't supported for Samba, they aren't going to move it over to either of these machines. These machines are only to do authentication in the unlikely event that the PDC (the Windows 2000 machines) should fail. I've done a lot of google searching and haven't come up with many leads. Is there a HOW-TO fr setting up Samba in a failover environment, specifically in making it play nice with a Windows PDC? The goal here is to have zero downtime, but I don't think the client understands that if those files for his application aren't present on the Samba servers, authenticating with them won't help him at all. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.512 / Virus Database: 309 - Release Date: 8/19/2003 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba failover plan on unix OS using hardware RAID
Hi all, I've been asked to produce a plan for samba failover for an office with about 30 2000/XP machines and a few unix servers. We currently have a FreeBSD single-harddrive SCSI box providing samba, dhcp and dns services. Reliability and cost are the priorities, in that order, over speed/performance. We just need the reliability - we don't ever ever want to have to switch to a new pdc. We could afford a few hours downtime in an emergency, and there would be no data to save, just configs which are easily backed up on a daily basis - I just need to assure my bosses that the trust relationship between the pdc and the XP clients won't be broken, even with a hardware failure. So, my suggestion is IDE hardware RAID 1, single but very good raid card, which can be replaced within a few hours by a trusted vendor, and 2 mirrored harddrives. What I would appreciate in terms of feedback is first, a basic sanity check - is this a standard and good plan? If not - what is and why? And second - I would really like to hear any real-life stories involving samba with hardware RAID on unix. Did anyone have a RAID, blow a harddrive, and have to/not have to rebuild the XP - trust relationship? Thanks much in advance for your time, Jeanne Schock Systems Administrator Regionalhelpwanted.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba failover plan on unix OS using hardware RAID
So, my suggestion is IDE hardware RAID 1, Since you asked, I would go with Raid 5. Your load being 20-30 clients is very light. is this a standard and good plan? Depends on many factors as your prereqs are generic being reliability and cost. I mean thats just about every ones prereq. You need to define; 1) data type 2) amertization period if any and I'm sure you have some kind of life span for both this need and tech used. 3) growth over time with hardware RAID on unix. Although my prereq are more intense than most on here, I would still suggest an external SCSI to IDE Raid box having SCSI 160/320 to a SCSI card in your PC. I would also suggest using XFS for Linux as a file system and testing viablity of RH9 if you plan to use RH that is. I've had both the 3ware internal SCSI to IDE and external RAID box being SCSI to IDE and I vote the latter Bcuz; 1) Better performance as the i/o is spread amongst the RAID box and the SCSI card. 2) Better reliability as you can get the external RAID box with hot swap for on the fly replacement of drives. 3) More controlled env as a good RAID box will have proper ventilation, etc while using a 3ware, you have to make sure your PC case has proper cooling. 4) Ease of install as you don't have to rely on specialized RAID drivers for your OS, only plain SCSI drivers being that the nature of this is host independant. Plus, don't go to cheap and being penny wise can be pound foolish. Bri- __ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba failover plan on unix OS using hardware RAID
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, June 13, 2003 12:25 PM To: Jeanne Schock; [EMAIL PROTECTED] Subject: Re: [Samba] samba failover plan on unix OS using hardware RAID Bri- I appreciate the comments. To answer some questions - This is an office with a limited number of personnel that isn't going to grow significantly over the next 12-18 months, which is as far as I can look. It will just be serving up samba, dns, dhcp - that's all, not even acting as a file server. I don't think that IDE RAID, with a top quality card, is short-sighted in this regard. That said - I will take a good look at your comments re. scsi hardware. thanks a lot. define my needs: while I agree that reliability is a bit generic, the need I have defined is very specific, and wasn't outright addressed in your comments. I need to be certain, that if one harddrive fails, that the other harddrive will continue as the pdc without any disturbance between XP client and samba server, ie. no loss of trust relationship. Simply put, my bosses want proof that a RAID will provide this failover, and I can't find anything definite on the net on this issue. Thanks again, Jeanne Schock -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba failover plan on unix OS using hardware RAID
Jeanne Schock said on Fri, Jun 13, 2003 at 01:19:42PM -0400: comments. I need to be certain, that if one harddrive fails, that the other harddrive will continue as the pdc without any disturbance between XP client and samba server, ie. no loss of trust relationship. Simply put, my bosses want proof that a RAID will provide this failover, and I can't find anything definite on the net on this issue. The RAID hardware is far below samba (or even the operating system), by design. The way that a RAID 5 works is that if you lose 1 drive, nothing notices (except the RAID monitor software, which will hopefully start calling pagers to get the failed drive replaced). Samba won't even notice that the drive has failed. RAID won't protect you against the whole machine crashing/power outaging/getting it's network card unplugged from the wall by a janitor, though. Something to keep in mind is that most IDE RAIDs don't let you hot swap drives, so while you won't instantly crash when you lose a drive, you will have to shutdown the computer to perform the disk replacement. M pgp0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] samba failover plan on unix OS using hardware RAID
The RAID hardware is far below samba (or even the operating system), by design. The way that a RAID 5 works is that if you lose 1 drive, nothing notices (except the RAID monitor software, which will hopefully start calling pagers to get the failed drive replaced). Samba won't even notice that the drive has failed. exactly what I needed, thank you very much. Just needed someone out there to confirm. RAID 5 will do it. And I'm not worried about hot swapping - we can have even a few hours downtime if needed. Thanks Mark and to others that responded. Jeanne -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba failover
Well, I was wondering how to setup samba installations to provide fail-over for linux boxes that will be acting as a print-server for windows clients in an NT Domain (windows PDC and WINS servers). I didn't see any ideas in The Unofficial Samba Howto and the Samba- HOWTO-Collection. I was thinking having two print-servers NATed behind a linux router, and have the linux router do port forwarding on 137-139 to the main samba print-server, which talks to LPRng to talk to network attached printers. If the samba print-server goes down then switch the port-forwarding destination to the backup box with a similar configuration. What are the better ways? If there aren't any (which I doubt), is this even workable (I'm not sure having these two samba servers with the same netbios name, etc, is workable). Thanks for any ideas, ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba